Increasingly, wireless communications devices, such as cellular telephones, pagers and wireless-enabled personal data assistants, have begun to offer a broader range of capabilities in addition to providing basic wireless telephone communications services. In particular, feature-rich smart phones are becoming widely available and can soon be expected to supplant older generations of communications-only wireless telephones. Smart phones integrate a general purpose processor and memory array with wireless communications hardware to offer increased interoperability and function.
For instance, by design, most smart phones include a micro Web browser for viewing Web content received via the Internet using the wireless access protocol (WAP). Web content retrieved by microbrowsers are written as scripts in the Wireless Markup Language (WML), an Xtensible Markup Language (XML) derivative specifically used to specify content for viewing on microbrowsers of WAP-enabled devices.
Smart phones offer a layered systems architecture. An operating system executes above the mobile communications hardware and provides extensibility to the wireless device. The operating system offers support for several areas of emerging technology that enable a user to download and execute applications from third parties. The Short Message Service (SMS) provides access to Web content and electronic mail (email). The Wireless Markup Language (WML) provides a compact scripting language for displaying Web content on micro Web browsers. Finally, the Java 2 Platform Micro Edition allows wireless devices to execute Java applets through a Java Virtual Machine (JVM).
In addition, smart phones enjoy increased connectivity through alternative wireless communications channels. For example, the General Packet Radio Service (GPRS) provides standardized wireless communications services particularly suited for sending and receiving small bursts of data, such as email and Web content. As well, the 3G standard specifies a third generation global communications technology that offers increased bandwidth for data delivery to smart phones and other wireless devices.
The increased capabilities and interconnectivity of the latest generation of wireless devices highlights potential areas of concern from a content security standpoint. For example, the enhanced feature set of the Short Message Service (SMS) invites potential misuse of the extended functionality exposed by the parser. Similarly, WML scripts create the opportunity for worm or content attacks based on the functionality exposed by the underlying scripting language. Similarly, the Java 2 Platform Micro Edition (J2ME) allows developers to create applications and programs for wireless and mobile devices written in the Java programming language. Like WML, J2ME features can be misused through the creation and dissemination of malicious applets.
These increased capabilities underscore the problem of providing content security to wireless devices. Ideally, from the standpoint of an end-user, wireless devices should be near-zero maintenance devices, which are purchased, turned on, and put into use. A wireless device should ideally provide the service promised without requiring detailed configuration or management by the end-user.
Smart phones generally lack extensible content security. Nonetheless, the potential for computer viruses, malware and other forms of bad content are increased as the capabilities of the wireless device improve. Various forms of infectible content are easily downloaded and the likelihood of an infection of a wireless occurring increase in direct proportion to the capabilities offered thereby.
In the prior art, traditional computer anti-virus scanning solutions are installed and configured on individual clients interfaced to a distributed network environment. Content is scanned for the presence of computer viruses, malware or other bad content prior to opening. However, this approach assumes a standard connection to a vendor-supported Web site from which upgrades and modifications to the anti-virus scanner can be easily obtained and installed. Ad hoc solutions to applying the same content security technology to wireless devices fail to account for the general lack of user sophistication and limited user interfacing capabilities.
Therefore, there is a need for an architecture for providing content security service provision and delivery to wireless devices operating in a wireless network environment. Preferably, such an approach would provide centralized supervision and localized management of individual wireless devices.
There is a further need for an approach to providing a closed service loop provisioning framework supporting wireless devices. Preferably, such an approach would provide service provisioning, reporting and statistical generation, and transparent updating and modification of individual wireless devices in a fully-integrated manner.